Inhaltsangabe
Practically every day, we read about a new type of attack on computer systems and networks. Viruses, worms, denials of service, and password sniffers are attacking all types of systems -- from banks to major e-commerce sites to seemingly impregnable government and military computers --at an alarming rate.Despite their myriad manifestations and different targets, nearly all attacks have one fundamental cause: the code used to run far too many systems today is not secure. Flaws in its design, implementation, testing, and operations allow attackers all-too-easy access.Secure Coding, by Mark G. Graff and Ken vanWyk, looks at the problem of bad code in a new way. Packed with advice based on the authors' decades of experience in the computer security field, this concise and highly readable book explains why so much code today is filled with vulnerabilities, and tells readers what they must do to avoid writing code that can be exploited by attackers. Writing secure code isn't easy, and there are no quick fixes to bad code. To build code that repels attack, readers need to be vigilant through each stage of the entire code lifecycle:
- Architecture: during this stage, applying security principles such as "least privilege" will help limit even the impact of successful attempts to subvert software.
- Design: during this stage, designers must determine how programs will behave when confronted with fatally flawed input data. The book also offers advice about performing security retrofitting when you don't have the source code -- ways of protecting software from being exploited even if bugs can't be fixed.
- Implementation: during this stage, programmers must sanitize all program input (the character streams representing a programs' entire interface with its environment -- not just the command lines and environment variables that are the focus of most securityanalysis).
- Testing: during this stage, programs must be checked using both static code checkers and runtime testing methods -- for example, the fault injection systems now available to check for the presence of such flaws as buffer overflow.
- Operations: during this stage, patch updates must be installed in a timely fashion. In early 2003, sites that had diligently applied Microsoft SQL Server updates were spared the impact of the Slammer worm that did serious damage to thousands of systems.
Die Inhaltsangabe kann sich auf eine andere Ausgabe dieses Titels beziehen.
Über die Autorin bzw. den Autor
Mark Graff is Chief Cyber Security Officer for Lawrence Livermore National Lab and was formerly Network Security Architect and Security Coordinator at Sun Microsystems. He has been a Congressional expert witness, has lectured on network security topics at the Pentagon, and has appeared before the Presidential Commission on Infrastructure Survivability.Ken van Wyk is Director of Technology for Tekmark Global Service's Technology Risk Management (TGS-TRM) practice, and was Chief Technology Officer and Co-Founder of security firm Para-Protect Services. He was one of the founders of the Computer Emergency Response Team (CERT).
„Über diesen Titel“ kann sich auf eine andere Ausgabe dieses Titels beziehen.
Weitere beliebte Ausgaben desselben Titels
Suchergebnisse für Secure Coding: Principles & Practices: Principles...
Beispielbild für diese ISBN
Secure Coding: Principles and Practices
Anbieter: World of Books (was SecondSale), Montgomery, IL, USA
Verkäuferbewertung 5 von 5 Sternen
Zustand: Good. Item in good condition. Textbooks may not include supplemental items i.e. CDs, access codes etc. Artikel-Nr. 00095760158
Gebraucht kaufen
EUR 6,22
Versand gratis
Versand innerhalb von USA
Versand innerhalb von USA
Anzahl: 2 verfügbar
Beispielbild für diese ISBN
Secure Coding: Principles and Practices
Anbieter: ThriftBooks-Atlanta, AUSTELL, GA, USA
Verkäuferbewertung 5 von 5 Sternen
Paperback. Zustand: Very Good. No Jacket. May have limited writing in cover pages. Pages are unmarked. ~ ThriftBooks: Read More, Spend Less. Artikel-Nr. G0596002424I4N00
Gebraucht kaufen
EUR 6,40
Versand gratis
Versand innerhalb von USA
Versand innerhalb von USA
Anzahl: 1 verfügbar
Beispielbild für diese ISBN
Secure Coding: Principles and Practices
Anbieter: ThriftBooks-Dallas, Dallas, TX, USA
Verkäuferbewertung 5 von 5 Sternen
Paperback. Zustand: Good. No Jacket. Former library book; Pages can have notes/highlighting. Spine may show signs of wear. ~ ThriftBooks: Read More, Spend Less. Artikel-Nr. G0596002424I3N10
Gebraucht kaufen
EUR 6,40
Versand gratis
Versand innerhalb von USA
Versand innerhalb von USA
Anzahl: 1 verfügbar
Beispielbild für diese ISBN
Secure Coding: Principles and Practices
Anbieter: ThriftBooks-Dallas, Dallas, TX, USA
Verkäuferbewertung 5 von 5 Sternen
Paperback. Zustand: Very Good. No Jacket. May have limited writing in cover pages. Pages are unmarked. ~ ThriftBooks: Read More, Spend Less. Artikel-Nr. G0596002424I4N00
Gebraucht kaufen
EUR 6,40
Versand gratis
Versand innerhalb von USA
Versand innerhalb von USA
Anzahl: 1 verfügbar
Beispielbild für diese ISBN
Secure Coding : Principles and Practices
Verlag:
O'Reilly Media, Incorporated, 2003
ISBN 10: 0596002424
ISBN 13: 9780596002428
Gebraucht
Softcover
Erstausgabe
Anbieter: Better World Books, Mishawaka, IN, USA
Verkäuferbewertung 5 von 5 Sternen
Zustand: Good. 1st Edition. Former library copy. Pages intact with minimal writing/highlighting. The binding may be loose and creased. Dust jackets/supplements are not included. Includes library markings. Stock photo provided. Product includes identifying sticker. Better World Books: Buy Books. Do Good. Artikel-Nr. GRP56620135
Gebraucht kaufen
EUR 7,39
Versand gratis
Versand innerhalb von USA
Versand innerhalb von USA
Anzahl: 1 verfügbar
Beispielbild für diese ISBN
Secure Coding : Principles and Practices
Verlag:
O'Reilly Media, Incorporated, 2003
ISBN 10: 0596002424
ISBN 13: 9780596002428
Gebraucht
Softcover
Erstausgabe
Anbieter: Better World Books Ltd, Dunfermline, Vereinigtes Königreich
Verkäuferbewertung 5 von 5 Sternen
Zustand: Very Good. 1st Edition. Pages intact with possible writing/highlighting. Binding strong with minor wear. Dust jackets/supplements may not be included. Stock photo provided. Product includes identifying sticker. Better World Books: Buy Books. Do Good. Artikel-Nr. GRP105078590
Gebraucht kaufen
EUR 5,49
EUR 5,78 Versand
Versand von Vereinigtes Königreich nach USA
Versand von Vereinigtes Königreich nach USA
Anzahl: 1 verfügbar
Beispielbild für diese ISBN
Secure Coding: Principles and Practices
Anbieter: medimops, Berlin, Deutschland
Verkäuferbewertung 5 von 5 Sternen
Zustand: very good. Gut/Very good: Buch bzw. Schutzumschlag mit wenigen Gebrauchsspuren an Einband, Schutzumschlag oder Seiten. / Describes a book or dust jacket that does show some signs of wear on either the binding, dust jacket or pages. Artikel-Nr. M00596002424-V
Gebraucht kaufen
EUR 5,31
EUR 10,00 Versand
Versand von Deutschland nach USA
Versand von Deutschland nach USA
Anzahl: 1 verfügbar
Beispielbild für diese ISBN
Secure Coding â" Principles & Practices
Verlag:
O'Reilly Media, United States, Sebastopol, 2003
ISBN 10: 0596002424
ISBN 13: 9780596002428
Gebraucht
Paperback
Anbieter: WorldofBooks, Goring-By-Sea, WS, Vereinigtes Königreich
Verkäuferbewertung 5 von 5 Sternen
Paperback. Zustand: Very Good. Practically every day, we read about a new type of attack on computer systems and networks. Viruses, worms, denials of service, and password sniffers are attacking all types of systems - from banks to major e-commerce sites to seemingly impregnable government and military computers - at an alarming rate. Despite their myriad manifestations and different targets, nearly all attacks have one fundamental cause: the code used to run far too many systems today is not secure. Flaws in its design, implementation, testing, and operations allow attackers all-too-easy access. This volume looks at the problem of bad code in a new way. It contains advice based on the authors' decades of experience in the computer security field and explains why so much code today is filled with vulnerabilities, and tells readers what they must do to avoid writing code that can be exploited by attackers. Writing secure code isn't easy, and there are no quick fixes to bad code. To build code that repels attack, readers need to be vigilant through each stage of the entire code lifecycle: Architecture: during this stage, applying security principles such as "least privilege" will help limit even the impact of successful attempts to subvert software. Design: during this stage, designers must determine how programs will behave when confronted with fatally flawed input data. The book also offers advice about performing security retrofitting when you don't have the source code - ways of protecting software from being exploited even if bugs can't be fixed. Beyond the technical, "Secure Coding" aims to shed new light on the economic, psychological, and sheer practical reasons why security vulnerabilities are so ubiquitous today. It presents a new way of thinking about these vulnerabilities and ways that developers can compensate for the factors that have produced such unsecured software in the past. It issues a challenge to all those concerned about computer security to finally make a commitment to building code the right way. The book has been read, but is in excellent condition. Pages are intact and not marred by notes or highlighting. The spine remains undamaged. Artikel-Nr. GOR002187432
Gebraucht kaufen
EUR 6,65
EUR 9,02 Versand
Versand von Vereinigtes Königreich nach USA
Versand von Vereinigtes Königreich nach USA
Anzahl: 2 verfügbar
Beispielbild für diese ISBN
Secure Coding â" Principles & Practices
Anbieter: Sell Books, Elland, YORKS, Vereinigtes Königreich
Verkäuferbewertung 5 von 5 Sternen
paperback. Zustand: Good. Our good condition books are generally good for reading but not for gifting or collecting. They could have imperfections such as creasing, fanning, inscriptions, margin notes, yellowing, staining on edge or cover or pages, bumps, scuffs, etc etc (sometimes multiple of these). It's a wide category that encompasses anything that isn't almost-new down to anything that is slightly better than poor. We would NOT recommend gifting Good books - these should be considered reading copies. Our books are dispatched from a Yorkshire former cotton mill. We list via barcode/ISBN so please note that the images are stock images and may not be the exact copy you receive, furthermore the details about edition and year might not be accurate as many publishers reuse the same ISBN for multiple editions and as we simply scan a barcode or enter an ISBN we do not check the validity of the edition data when listing. If you're looking for an exact edition please don't order (at least not without checking with us first, although we don't always have time to check). We aim to dispatch prompty, the service used will depend on order value and book size. We can ship to most countries, see our shipping policies. Payment is via Abe only. Artikel-Nr. mon0000051502
Gebraucht kaufen
EUR 2,98
EUR 14,05 Versand
Versand von Vereinigtes Königreich nach USA
Versand von Vereinigtes Königreich nach USA
Anzahl: 1 verfügbar
Foto des Verkäufers
Secure Coding - Principles and Practices - [Designing & Implementing Secure Applications]
Verlag:
Beijing [u.a.], O'Reilly, 2003
ISBN 10: 0596002424
ISBN 13: 9780596002428
Gebraucht
Softcover
Erstausgabe
Anbieter: Antiquariat Orban & Streu GbR, Frankfurt am Main, Deutschland
Verkäuferbewertung 5 von 5 Sternen
Erstausgabe, 8°, XX, 202 S., Text: englisch, illustr. original Kartonage (Paperback), Bibliotheksstempel auf Vorsatzseite, sonst schönes, sauberes Exemplar. Abholung im Ladengeschäft in Frankfurt am Main (Nordend ggü. Musterschule) möglich. Das spart die Portokosten. Pickup at the store in Frankfurt am Main (Nordend, close to Musterschule) is possible. It saves the shipping costs. Artikel-Nr. 18906CB
Gebraucht kaufen
EUR 18,00
EUR 38,00 Versand
Versand von Deutschland nach USA
Versand von Deutschland nach USA
Anzahl: 1 verfügbar